Applying COSO Enterprise Risk Management Integrated Framework
Today's organizations are concerned about:
Risk Management, Governance, Control, Assurance and Consulting
Why ERM Is Important
Underlying principles: Every entity, whether for-profit or not, exists to realize value for its stakeholders.
Value is created, preserved, or eroded by management decisions in all activities, from setting strategy to operating the enterprise day-to-day.
ERM supports value creation by enabling management to:
Deal effectively with potential future events that create uncertainty.
Respond in a manner that reduces the likelihood of downside outcomes and increases the upside.
Enterprise Risk Management Integrated Framework
This COSO ERM framework defines essential components, suggests a common language, and provides clear direction and guidance for enterprise risk management.
The ERM Framework
ERM considers activities at all levels of the organization:
Enterprise-level
Division or subsidiary
Business unit processes
Enterprise risk management requires an entity to take a portfolio view of risk.
Management considers how individual risks interrelate.
Management develops a portfolio view from two perspectives:
Business unit level
Entity level
The eight components of the framework are interrelated
Internal Environment
Considers all other aspects of how the organization's actions may affect its risk culture.
Event Identification
Risk Assessment
Likelihood - Impact
Is used to assess risks and is normally also used to measure the related objectives.
Employs a combination of both qualitative and quantitative risk assessment methodologies.
Relates time horizons to objective horizons.
Assesses risk on both an inherent and a residual basis.
Risk Response
Selects and executes response based on evaluation of the portfolio of risks and responses....